Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE39F/C15C41B4FD5711EABC3CA24DC4F9AE02/CAF5CED2E1A511EC8AB72944C4F9AE02.roa
File:                     CAF5CED2E1A511EC8AB72944C4F9AE02.roa (raw, json)
Hash identifier:          RDD72frvNOPZMt18kzGzNu68lXI5zOQOKbxpNTyOWDM=
Subject key identifier:   16:1A:80:03:83:12:8A:CB:EE:DF:F2:63:47:78:CC:FF:B4:7D:B0:41
Certificate issuer:       /CN=A91CE39F/serialNumber=4FFFAC717813392EE1C876A321671E1D6C2AB9B4
Certificate serial:       0656
Authority key identifier: 4F:FF:AC:71:78:13:39:2E:E1:C8:76:A3:21:67:1E:1D:6C:2A:B9:B4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T_-scXgTOS7hyHajIWceHWwqubQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CE39F/C15C41B4FD5711EABC3CA24DC4F9AE02/CAF5CED2E1A511EC8AB72944C4F9AE02.roa
Signing time:             Sat 27 May 2023 00:06:18 +0000
ROA not before:           Sat 27 May 2023 00:06:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        103.151.192.0/24 maxlen: 24
                          103.151.193.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91CE39F/C15C41B4FD5711EABC3CA24DC4F9AE02/T_-scXgTOS7hyHajIWceHWwqubQ.crl
                          rsync://rpki.apnic.net/member_repository/A91CE39F/C15C41B4FD5711EABC3CA24DC4F9AE02/T_-scXgTOS7hyHajIWceHWwqubQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T_-scXgTOS7hyHajIWceHWwqubQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 22:41:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1622 (0x656)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CE39F/serialNumber=4FFFAC717813392EE1C876A321671E1D6C2AB9B4
        Validity
            Not Before: May 27 00:06:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6471497a-9863
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:c1:5a:b7:18:50:c5:66:6f:df:73:c5:42:6f:
                    fb:8c:35:f8:75:a8:38:81:51:5d:13:c7:ea:fa:87:
                    a8:3b:81:08:e0:24:c5:51:e1:53:7a:45:83:0b:13:
                    bd:a4:a8:e1:89:04:c3:11:d9:6d:44:a9:e8:70:05:
                    ae:63:92:45:93:8f:3d:3d:34:8f:a4:49:bf:b1:aa:
                    b5:bf:60:96:83:a2:85:bc:43:b7:b2:b2:29:0a:2b:
                    46:5b:2e:ae:79:9a:a6:55:19:62:be:4c:c0:78:71:
                    cb:3e:56:4e:29:7c:9a:53:9b:23:f5:72:c0:48:3e:
                    b9:f6:52:61:ff:77:6a:53:b4:04:54:19:ea:5c:c4:
                    89:78:da:15:46:49:7a:81:6e:d9:f4:a7:46:33:57:
                    01:65:33:9a:63:73:42:2b:cb:52:f3:89:63:27:28:
                    f6:ae:73:22:75:c1:22:f1:d7:e8:6b:7d:84:c1:34:
                    46:eb:33:75:d0:a9:98:75:08:a9:1d:2a:ee:9a:57:
                    72:b0:36:7d:94:85:98:87:e3:43:01:3d:7e:7e:85:
                    ef:97:b4:a1:55:88:3d:de:0e:1e:b1:d6:a4:5d:36:
                    0b:aa:76:7e:be:4e:17:a0:70:c5:e5:9d:50:77:47:
                    4c:b1:fc:1c:35:2c:05:82:5b:86:b8:73:b3:09:65:
                    55:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:1A:80:03:83:12:8A:CB:EE:DF:F2:63:47:78:CC:FF:B4:7D:B0:41
            X509v3 Authority Key Identifier:
                keyid:4F:FF:AC:71:78:13:39:2E:E1:C8:76:A3:21:67:1E:1D:6C:2A:B9:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CE39F/C15C41B4FD5711EABC3CA24DC4F9AE02/T_-scXgTOS7hyHajIWceHWwqubQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T_-scXgTOS7hyHajIWceHWwqubQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE39F/C15C41B4FD5711EABC3CA24DC4F9AE02/CAF5CED2E1A511EC8AB72944C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.192.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3f:bf:73:25:38:18:63:af:8e:bf:0a:35:10:74:65:3f:8f:08:
         9a:42:41:64:33:34:38:b9:5b:38:35:85:8d:58:59:59:65:6a:
         4d:e8:46:91:da:04:11:a8:f0:8e:12:34:25:35:b2:37:15:d2:
         2a:fd:5f:48:e9:db:b3:73:91:a7:f6:94:43:9a:f4:31:f9:3c:
         f8:86:ad:2e:82:9f:6a:60:d8:16:53:8d:80:d2:c1:15:f1:19:
         3f:ff:4e:ff:94:9d:46:bc:ed:53:08:c0:d5:5c:97:69:d7:a3:
         5b:39:c6:63:47:c5:60:5a:bb:36:e1:e5:78:c1:41:28:17:3d:
         31:d2:6a:d1:8d:f5:00:d3:0b:1f:a4:68:c1:09:a8:97:7f:18:
         df:e6:8c:92:d8:a0:9b:b8:3b:c7:ca:64:ee:2d:9b:e4:39:34:
         c7:f4:53:02:78:6d:72:cc:23:b4:21:0a:1a:a0:ba:6d:38:f1:
         a7:8b:85:3a:f7:a7:3f:d4:1a:2d:3c:75:96:3e:73:2c:1d:e7:
         52:b7:36:ba:48:68:f8:cd:ab:8d:de:36:f6:3b:56:31:c7:fb:
         84:f0:77:36:95:e1:af:c6:91:f0:e6:c7:d4:72:dc:fd:c3:8d:
         1f:89:3a:0b:7a:46:2e:c8:48:0a:df:49:2c:5e:1b:7a:19:d7:
         1e:0b:24:aa
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBlYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0UzOUYxMTAvBgNVBAUTKDRGRkZBQzcxNzgxMzM5MkVFMUM4NzZBMzIxNjcxRTFE
NkMyQUI5QjQwHhcNMjMwNTI3MDAwNjE4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDcxNDk3YS05ODYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy8FatxhQxWZv33PFQm/7jDX4dag4gVFdE8fq+oeoO4EI4CTFUeFTekWDCxO9
pKjhiQTDEdltRKnocAWuY5JFk489PTSPpEm/saq1v2CWg6KFvEO3srIpCitGWy6u
eZqmVRlivkzAeHHLPlZOKXyaU5sj9XLASD659lJh/3dqU7QEVBnqXMSJeNoVRkl6
gW7Z9KdGM1cBZTOaY3NCK8tS84ljJyj2rnMidcEi8dfoa32EwTRG6zN10KmYdQip
HSrumldysDZ9lIWYh+NDAT1+foXvl7ShVYg93g4esdakXTYLqnZ+vk4XoHDF5Z1Q
d0dMsfwcNSwFgluGuHOzCWVVbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBYagAOD
EorL7t/yY0d4zP+0fbBBMB8GA1UdIwQYMBaAFE//rHF4Ezku4ch2oyFnHh1sKrm0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTM5Ri9DMTVDNDFCNEZE
NTcxMUVBQkMzQ0EyNERDNEY5QUUwMi9UXy1zY1hnVE9TN2h5SGFqSVdjZUhXd3F1
YlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RfLXNjWGdUT1M3aHlIYWpJV2NlSFd3cXViUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0UzOUYvQzE1QzQxQjRGRDU3MTFFQUJDM0NBMjREQzRGOUFFMDIvQ0FGNUNFRDJF
MUE1MTFFQzhBQjcyOTQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnl8AwDQYJKoZIhvcNAQELBQADggEBAD+/cyU4GGOvjr8K
NRB0ZT+PCJpCQWQzNDi5Wzg1hY1YWVllak3oRpHaBBGo8I4SNCU1sjcV0ir9X0jp
27Nzkaf2lEOa9DH5PPiGrS6Cn2pg2BZTjYDSwRXxGT//Tv+UnUa87VMIwNVcl2nX
o1s5xmNHxWBauzbh5XjBQSgXPTHSatGN9QDTCx+kaMEJqJd/GN/mjJLYoJu4O8fK
ZO4tm+Q5NMf0UwJ4bXLMI7QhChqgum048aeLhTr3pz/UGi08dZY+cywd51K3NrpI
aPjNq43eNvY7VjHH+4TwdzaV4a/GkfDmx9Ry3P3DjR+JOgt6Ri7ISArfSSxeG3oZ
1x4LJKo=
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:50:00 2024 by rpki-client on console-ams.rpki-client.org